Anonymous Arm Says It Hacked Stratfor

In Texas, a private intelligence company has apparently been hacked by the loosely organized activist group Anonymous. Some members claim they obtained personal information about Stratfor's clients, as well as thousands of credit cards numbers which were then used to make donations to charities. But other members have disavowed the hacking job. Freelance journalist Quinn Norton, who has profiled Anonymous for Wired Magazine, talks to Linda Wertheimer about the breach.

Transcript

STEVE INSKEEP, HOST:

And let's go next to Texas, where a private intelligence company has apparently been hacked by the loosely organized activist group known as Anonymous.

The Austin-based company Stratfor provides security analysis for major financial and technology firms, including Apple. Anonymous claims it obtained personal information about the company's high-profile clients as well as thousands of credit card numbers, which were then used to make donations to charities like Save the Children and the Red Cross.

LINDA WERTHEIMER, HOST:

Some Anonymous members have reportedly disavowed hacking Stratfor. Freelance journalist Quinn Norton has profiled Anonymous for Wired magazine. She's been talking online to members of AntiSec, an arm of Anonymous taking credit for this latest breach. We reached her via Skype in San Francisco.

Quinn, welcome back to our program.

QUINN NORTON: Thank you for having me.

WERTHEIMER: The vice president for intelligence of the company which was hacked, Stratfor, has told the Associated Press that he's called in the law; they've pulled down their website. But he went on to say that he thinks that hackers are extraordinarily difficult to defend against. For a security company, does that sound right to you?

NORTON: Oh yeah. The hardest part of security is what's called intrusion detection. And that's a matter of knowing whether or not you've been hacked. The way it's openly discussed in the security community is if somebody wants to hack into you, eventually they will manage it.

WERTHEIMER: What we're hearing - and we have to say that almost all of the facts, apart from the fact of the hack, are coming from Anonymous - but we're hearing that people who paid for Stratfor's services with credit cards find they are making involuntary donations to charities. A couple of people have come forward and said that they have discovered these involuntary donations. What happens if you find you've suddenly given money to Save the Children, and you didn't do it?

NORTON: Well, this is a fairly standard part of credit cards these days, so there's already a system for handling this. People can report the fraudulent charges. As with any fraudulent charges, they'll be reversed. The money will be claimed back from the charity, which means this can actually be very damaging for the charities that have dubiously benefited, because they're going to be hit with something called a chargeback; they're not going to get to keep that money. In some cases, they'll face penalties as well.

WERTHEIMER: This reminds me of a brand-new movie, "The Girl with the Dragon Tattoo," which highlights a community of hackers that are said to be the best of the best in their fictional world, and they have all sorts of rules about what they will hack, and what they will do. But they consider themselves a sort of hacker elite. Do you think we're seeing something like that getting started here?

NORTON: Well, the particular wing of Anonymous that has done this goes by Antisec. And a little bit like that fictional group, Antisec kind of a specific set of values about how and when they do these sorts of hacks. These hacks most recently have been fairly politically motivated. They're in response to events that we're seeing go by in the news. They do put out a fairly steady stream of announcements and press releases. The evictions and crackdowns on the Occupy Wall Street movement get a lot of mention as to what's motivating this set of more political hacks.

The other thing the Antisec people are claiming to have done is, they've transferred out of the company 200 gigabytes of email, which represents somewhere between 2.4, 2.5 million emails.

WERTHEIMER: So we should take this very seriously; not so seriously; it's the new world we live in - what?

NORTON: This is very serious, and it is the new world we live in. I feel like if it's online, we should consider very strongly that it - someday, it will be public. And that's the new reality that I think governments and corporations are really going to have to learn to live with.